Suku Nair

A comparison of machine learning techniques for phishing detection

There are many applications available for phishing detection. However, unlike predicting spam, there are only few studies that compare machine learning techniques in predicting phishing. The present study compares the predictive accuracy of several machine learning methods including Logistic Regression (LR), Classification and Regression Trees (CART), Bayesian Additive Regression Trees (BART), Support Vector Machines (SVM), Random Forests (RF), and Neural Networks (NNet) for predicting phishing emails. A data set of 2889 phishing and legitimate emails is used in the comparative study. In addition, 43 features are used to train and test the classifiers.

Metro Ethernet traffic engineering based on optimal multiple spanning trees

The flexibility, scalability, simplicity and low cost of Ethernet technology makes it an ideal networking technology for Metro networks. However, the new Ethernet-based solutions must be able to support the growing network needs of the enterprise including the various QoS requirements. Our focus in this paper is traffic engineering which is one of the integral components of QoS provisioning. We propose a scheme based on the generation and management of multiple spanning trees for near optimal traffic distribution.

Bypassing Security Toolbars and Phishing Filters via DNS Poisoning

Security toolbars are used to protect naive users against phishing attacks by displaying warnings on suspicious sites. Recently, Web browsers have added built-in phishing filters mimicking the same functionality to detect phishing sites. The present study proposes a new attack to bypass security toolbars and phishing filters via DNS poisoning. Spoofed DNS cache entries are used to forge the results provided to security toolbars and thus misleading information is displayed to the victim. Although there are several studies that demonstrate DNS poisoning attacks, none to our best knowledge, investigate whether such attacks can circumvent security toolbars or phishing filters. Four well-known security toolbars and three reputable browser built- in phishing filters are scrutinized. None of the seven tools detect the attack. Worse still, security toolbars provide the victim with false confirmative indicators that the phishing site is legitimate.

Bayesian Additive Regression Trees-Based Spam Detection for Enhanced Email Privacy

Spam is considered an invasion of privacy. Its changeable structures and variability raise the need for new spam classification techniques. The present study proposes using Bayesian additive regression trees (BART) for spam classification and evaluates its performance against other classification methods, including logistic regression, support vector machines, classification and regression trees, neural networks, random forests, and naive Bayes. BART in its original form is not designed for such problems, hence we modify BART and make it applicable to classification problems. We evaluate the classifiers using three spam datasets; Ling-Spam, PU1, and Spambase to determine the predictive accuracy and the false positive rate.

Bandwidth sensitive fast failure recovery scheme for Metro Ethernet

Restoration in Ethernet has evolved over the years as specified in various standards: first the classical reconstruction of spanning trees was proposed in 802.1d; later 802.w specified RSTP to reduce the convergence time required in the STP protocol. Recently, the use of multiple spanning tree was suggested in 802.1s standard. In addition, there have been several proposals to implement multiple tree based restoration. Even though the results are promising they fall short of elevating Ethernet to a carrier grade technology. In this paper, we develop a distributed fast failure recovery spanning tree scheme, which restores lost facilities within tens of milliseconds. Recovery algorithm is localized around the point of failure on the spanning tree, thus avoiding disruption of the entire network. Failures are repaired using pre-configured sub spanning trees which are computed based on traffic requirements and resource availability. This paper also proposes possible enhancements to the failure recovery method using IEEE link aggregation standard to further reduce restoration time and provide differentiated survivability.

Traffic engineering in enterprise ethernet with multiple spanning tree regions

IEEE 802.1s multiple spanning tree protocol (MSTP) is part of a family of standards for local and metropolitan area networks based on Ethernet protocol. MSTP allows a set of regions to be defined whose logical union spans the entire network, which in turn defines the association between VLANs and Spanning Tree Instances. In this paper we propose an algorithmic approach for constructing multiple spanning tree regions in the enterprise network domain which will provide better convergence time, reusability of VLAN tags, protection from failures, and optimal broadcast domain size.

Cyber-physical security using system-level PUFs

Cyber Physical Systems (CPS) is an emerging computing paradigm that is becoming prevalent in various technologies. Achieving a trustworthy CPS requires us to build mechanisms that ensure the integrity and authenticity of these systems. Fortunately with the new advancements in semi-conductor-based technologies, in particular Physical Unclonable Functions (PUFs), we have the potential to build secure couplings between cyber and physical substrates based on intrinsic physical material. In this paper, we share some thoughts on how to utilize the PUF technology for security in CPS. Based on a composition approach, we illustrate the benefits of combining multiple PUF elements, with some inherently bias factor, into one randomly secure and strong system-level PUF.

Developing a SSE-CMM-based security risk assessment process for patient-centered healthcare systems

Information security and privacy are the major concerns in healthcare domain. However, there lacks a comprehensive framework for evaluating the security engineering practices for healthcare systems. Current transition from institution-centered to patient-centered healthcare introduces additional security and privacy problems. With the intensive human (especially the patient) interaction involved in the patient-centered health care systems, information security and privacy can be assured not only by technologies and infrastructure but also by process. This paper develops a mapping from SSE-CMM process areas to the patient-centered healthcare domain aiming at establishing a set of metrics to assess security risks for patient-centered healthcare systems. Based on the mapping, a security risk assessment process is then proposed to evaluate the PHR system (a typical patient-centered healthcare system).

PupilWare: towards pervasive cognitive load measurement using commodity devices

Cognitive load refers to the amount of effort required by an individual to process information. Dating back more than fifty years, the cognitive psychology community has conducted experiments showing that the cognitive load experienced by an individual can be measured using sub-millimeter fluctuations in their pupil size, assessed using medical grade infrared devices known as pupillometers, and more recently, infrared eye-trackers. However the cost and availability of these eye-trackers limits most pupil response measurement to laboratory settings. We argue that ubiquitously measuring pupillary response could transform the next generation of context aware computing applications---enabling computational devices to understand a users current ability to process information, especially for users with cognitive disabilities. To this end, we present PupilWare, a system that analyzes pupil size changes through commodity cameras like those in a laptop. We evaluate PupilWares ability to measure changes in pupil dilation using classic cognitive psychology experiments and validate its performance compared to infrared gaze trackers and medical grade pupillometers. We conclude that, in controlled conditions, PupilWare is as accurate as infrared eye-tracking for assessing task evoked cognitive load, though has problems with dark eyed individuals and eyelid occlusion.

A distributed architecture for phishing detection using Bayesian Additive Regression Trees

With the variety of applications in mobile devices, such devices are no longer deemed calling gadgets merely. Various applications are used to browse the Internet, thus access financial data, and store sensitive personal information. In consequence, mobile devices are exposed to several types of attacks. Specifically, phishing attacks can easily take advantage of the limited or lack of security and defense applications therein. Furthermore, the limited power, storage, and processing capabilities render machine learning techniques inapt to classify phishing and spam emails in such devices. The present study proposes a distributed architecture hinging on machine learning approaches to detect phishing emails in a mobile environment based on a modified version of Bayesian additive regression trees (BART). Apparently, BART suffers from high computational time and memory overhead, therefore, distributed algorithms are proposed to accommodate detection applications in resource constrained wireless environments.